Tagged Questions

Implementing a cipher or protocol is the process of taking it from its mathematical or algorithmic description and producing a working version, often in computer software or hardware. This tag should be used for any question discussing the various potential considerations and pitfalls of this ...

Are there any open source crypto libraries that can be used in embedded systems or in other memory constrained places like a boot rom? I am looking for libraries that I can compile only the algorithms ...

I'm trying to resolve a discrete logarithm equation:
$$y = g^x \bmod p$$
Every parameter is a 512-bit number. I know the values for $g$, $y$ and $p$ and I need to find the $x$ value. Finally, I know ...

I am struggling to understand how to implement the PRINCE cipher linear layer. (https://eprint.iacr.org/2012/529.pdf)
From my understanding I need to multiply the state with M, and with M' in between ...

I am looking for a zk framework that could be used for proving correct execution of programs written in C (or any other high level language) such as:
I know x s.t. SHA-256(x) = y (y is public, x is ...

A quick question, we know that raw RSA is a no go. To solve this we have different PKCS standards forcing structure on the input messages.
For EC the story is something else. For signatures we have ...

Recently, I've been reading a couple of papers about building cryptosystems that are secure for up to 30 years. But for some applications, this seems a bit low to me. So I am wondering if considering ...

I'm trying to decode a text which is encoded by Vigenère followed by a columnar transposition.
The method I want to use is trying random columnar transpositions and then rating how much the text that ...

I'm using Crypto++ to implement my protocol to mask a value $y_i$ by a pseudorandom value $r_i$ such that $m_i=y_i \cdot r_i$. Since there are many $r_i$'s I want to generate them using PRG and then ...

I have recently been playing with Chacha20-Poly1305 with libsodium, and all of the examples state the additional data portion of the tag is stored in plaintext when encrypted. But from what I can tell ...

Is Sage a better alternative to C++(with NTL), for programming that involves math objects like polynomial rings in cryptosystems? I hear that Sage is an open source alternative to Magma. I have used ...

I need to implement Blakley's Secret Sharing Scheme. I have read the two research papers mentioned below but am still unable to understand how to implement it.
Safeguarding cryptographic keys
Two Matrices ...

In RFC 1320, it is stated that "A 64-bit representation of b (the length of the message before the padding bits were added) is appended to the result of the previous step. In the unlikely event that b ...
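As an added example (not part of the question above), the following Python implements the two padding steps of RFC 1320 and the MD4 compression function so the length-field rule can be seen in code. The length field is b mod 2^64, emitted as two 32-bit words, low-order word first, which is the part of the text the question is quoting. The hash values it is checked against are the RFC 1320 test-suite vectors; the `md4_length_field` helper is separated out so the reduction of b modulo 2^64 can be exercised on its own, since a message of more than 2^64 bits cannot be constructed in practice.

```python
import struct

MASK32 = 0xFFFFFFFF


def md4_length_field(bit_length: int) -> bytes:
    """RFC 1320 step 2: a 64-bit representation of b, the message length in bits.
    Only the low-order 64 bits of b are kept; they are appended as two 32-bit
    little-endian words, low-order word first."""
    b = bit_length % (1 << 64)
    return struct.pack("<II", b & MASK32, b >> 32)


def md4_pad(message: bytes) -> bytes:
    """RFC 1320 step 1 (append a single 1 bit, then 0 bits until the length is
    congruent to 448 mod 512) followed by step 2 (append the 64-bit length)."""
    padded = message + b"\x80"
    padded += b"\x00" * ((56 - len(padded)) % 64)
    return padded + md4_length_field(len(message) * 8)


def _rotl(x: int, s: int) -> int:
    return ((x << s) | (x >> (32 - s))) & MASK32


def _compress(state, block: bytes):
    """One MD4 block: three rounds of 16 operations each (RFC 1320 section 3.4)."""
    X = struct.unpack("<16I", block)
    a, b, c, d = state
    # Round 1: F(x,y,z) = xy v not(x) z, words in order, shifts 3 7 11 19
    for i in range(16):
        f = (b & c) | (~b & d)
        a = _rotl((a + f + X[i]) & MASK32, (3, 7, 11, 19)[i % 4])
        a, b, c, d = d, a, b, c
    # Round 2: G(x,y,z) = xy v xz v yz, word order 0 4 8 12 1 5 9 13 ..., shifts 3 5 9 13
    for i in range(16):
        k = (i % 4) * 4 + i // 4
        g = (b & c) | (b & d) | (c & d)
        a = _rotl((a + g + X[k] + 0x5A827999) & MASK32, (3, 5, 9, 13)[i % 4])
        a, b, c, d = d, a, b, c
    # Round 3: H(x,y,z) = x xor y xor z, word order below, shifts 3 9 11 15
    order3 = (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15)
    for i in range(16):
        h = b ^ c ^ d
        a = _rotl((a + h + X[order3[i]] + 0x6ED9EBA1) & MASK32, (3, 9, 11, 15)[i % 4])
        a, b, c, d = d, a, b, c
    return tuple((s + v) & MASK32 for s, v in zip(state, (a, b, c, d)))


def md4(message: bytes) -> str:
    """MD4 digest of message as a lowercase hex string."""
    state = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476)
    padded = md4_pad(message)
    for off in range(0, len(padded), 64):
        state = _compress(state, padded[off:off + 64])
    return struct.pack("<4I", *state).hex()


if __name__ == "__main__":
    print(md4(b""))      # 31d6cfe0d16ae931b73c59d7e0c089c0 (RFC 1320 test suite)
    print(md4(b"abc"))   # a448017aaf21d8525fc10ae87aa6729d
    # A length of 2^64 + 5 bits is encoded exactly like a length of 5 bits.
    print(md4_length_field((1 << 64) + 5).hex())
```

The modular reduction in `md4_length_field` is the whole content of the "unlikely event" clause: two messages whose bit lengths differ by a multiple of 2^64 get the same length field, so the padding step alone does not distinguish them.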

I am currently implementing Salsa20 from the specification as an exercise in learning and self-flagellation.
I have Sections 1-7 passing the test examples provided. I am now stuck on Section 8, The ...

I'm implementing DES in Python and I've stumbled upon a problem. I can't really find the problem; after debugging it, I narrowed it down to this function. Can anyone tell me if I'm implementing the DES ...

As a beginner in cryptography, I do not know anything about different pairing types more than their names. So far, I know these names: Ate pairing, Tate pairing, eta pairing, and R-ate pairing.
I am ...

I discovered the CRT version of the RSA cryptosystem, which is used in many crypto libraries (OpenSSL, Java, ...).
The use of the Chinese Remainder Theorem improves the speed of decryption, so why is it not ...

I am trying to implement the Fluhrer, Mantin and Shamir attack, one of the ways to break WEP. I seem to have hit on a problem. I have no idea whether or not it is a programming error, or if I don't ...

I am trying to find information about the Signature Algorithm SHA512withRSA and have been unsuccessful so far.
In the current state, the signature is too long, so I would like to check the code for ...

I am interested in the ways an RSA key generation implementation can or cannot be subverted so that the subverter has an advantage, but the owner of the key, and the people who ...

I have some spare time, and a few hundred DJB2-hashed values sitting around. I thought I'd try to do something "useful" and invert DJB2, such that I could calculate the plaintext of the hashes (which ...

If I wanted to use Blowfish or Twofish to provide security on a device where power consumption is crucial. Regarding power consumption, which one would win?
Generally, which algorithms are known to ...